Vulnerabilities > CVE-2003-1288 - Denial-Of-Service vulnerability in Vserver Linux-Vserver 1.22

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

vserver

NVD

Published: 2003-12-31

Updated: 2008-09-05

Summary

Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to cause a denial of service (kernel oops) via unknown attack vectors related to the (1) s_info and (2) ip_info data structures and the (a) forget_original_parent, (b) goodness, (c) schedule, (d) update_process_times, and (e) vc_new_s_context functions.

Vulnerable Configurations

Part	Description	Count
Application	Vserver Vserver Linux Vserver 1.22	1

References

http://linux-vserver.org/ChangeLog
http://list.linux-vserver.org/archive/vserver/msg05630.html
http://list.linux-vserver.org/archive/vserver/msg05631.html
http://list.linux-vserver.org/archive/vserver/msg05658.html
http://www.osvdb.org/7587